<?php
/*
 * Search for users.
 */

// authenticate user first
F3::call('authentication.php');
if (F3::exists('auth_error'))
{
  // authentication failed
  return;
}

// check that we have at least the search string
if (!F3::exists('GET.search'))
{
	header('HTTP/1.1 500');
	header("Content-Type: application/json");
	$err = array("error_message" => "No search parameters supplied.");
	echo json_encode($err);
	return;
}

$string = strtolower(F3::get('GET.search'));
$par = explode(" ", $string);
$email = " ";
$name;
$i = 0;
$j = 0;
foreach($par as $a){
	if(strlen($a)==0){
		continue;
	}
	if(strpos($a,'@')==false){
		$name[$i] = $a;
		$i = $i+1;
	}
	else{
		$j = 1;
		$email = $a;
		break;
	}
}
// search for users

if($j==1){
	//we have the email address
	$sql = "SELECT id, email, nickname, fname, lname, gender, dob, SelfDescription FROM user WHERE email LIKE CONCAT('%',?,'%')";
	
	$param = array('1' => $email);
}
else if($i==1){
	$sql = "SELECT id, email, nickname, fname, lname, gender, dob, SelfDescription FROM user WHERE fname LIKE CONCAT('%',?,'%') union
			SELECT id, email, nickname, fname, lname, gender, dob, SelfDescription FROM user WHERE lname LIKE CONCAT('%',?,'%') union
			SELECT id, email, nickname, fname, lname, gender, dob, SelfDescription FROM user WHERE nickname LIKE CONCAT('%',?,'%')";
	$param = array('1'=>$name[0],'2'=>$name[0],'3'=>$name[0]);
}
else if($i==2){
	$sql = "SELECT id, email, nickname, fname, lname, gender, dob, SelfDescription FROM user WHERE fname LIKE CONCAT('%',?,'%') AND lname LIKE CONCAT('%',?,'%') union
			SELECT id, email, nickname, fname, lname, gender, dob, SelfDescription FROM user WHERE lname LIKE CONCAT('%',?,'%') AND fname LIKE CONCAT('%',?,'%') union
			SELECT id, email, nickname, fname, lname, gender, dob, SelfDescription FROM user WHERE nickname LIKE CONCAT('%',?,'%') AND fname LIKE CONCAT('%',?,'%') union
			SELECT id, email, nickname, fname, lname, gender, dob, SelfDescription FROM user WHERE fname LIKE CONCAT('%',?,'%') AND nickname LIKE CONCAT('%',?,'%') union
			SELECT id, email, nickname, fname, lname, gender, dob, SelfDescription FROM user WHERE nickname LIKE CONCAT('%',?,'%') AND lname LIKE CONCAT('%',?,'%') union
			SELECT id, email, nickname, fname, lname, gender, dob, SelfDescription FROM user WHERE lname LIKE CONCAT('%',?,'%') AND nickname LIKE CONCAT('%',?,'%')";
	
	$param = array('1'=>$name[0],'2'=>$name[1],'3'=>$name[0],'4'=>$name[1],'5'=>$name[0],'6'=>$name[1],'7'=>$name[0],'8'=>$name[1],'9'=>$name[0],'10'=>$name[1],'11'=>$name[0],'12'=>$name[1]);
}
else if($i==3){
	$sql = "SELECT id, email, nickname, fname, lname, gender, dob, SelfDescription FROM user WHERE fname LIKE CONCAT('%',?,'%') AND lname LIKE CONCAT('%',?,'%') AND nickname LIKE CONCAT('%',?,'%') union
			SELECT id, email, nickname, fname, lname, gender, dob, SelfDescription FROM user WHERE lname LIKE CONCAT('%',?,'%') AND fname LIKE CONCAT('%',?,'%') AND nickname LIKE CONCAT('%',?,'%') union
			SELECT id, email, nickname, fname, lname, gender, dob, SelfDescription FROM user WHERE nickname LIKE CONCAT('%',?,'%') AND fname LIKE CONCAT('%',?,'%') AND lname LIKE CONCAT('%',?,'%') union
			SELECT id, email, nickname, fname, lname, gender, dob, SelfDescription FROM user WHERE nickname LIKE CONCAT('%',?,'%') AND lname LIKE CONCAT('%',?,'%') AND fname LIKE CONCAT('%',?,'%')";
	
	$param = array('1'=>$name[0],'2'=>$name[1],'3'=>$name[2],'4'=>$name[0],'5'=>$name[1],'6'=>$name[2],'7'=>$name[0],'8'=>$name[1],'9'=>$name[2],'10'=>$name[0],'11'=>$name[1],'12'=>$name[2]);
}

$result = DB::sql($sql,$param);
$response = array();
foreach ($result as $row) {
	$r = array();
	$r['id'] = $row['id'];
	$r['email'] = $row['email'];
	$r['nickname'] = $row['nickname'];
	$r['fname'] = $row['fname'];
	$r['lname'] = $row['lname'];
	$r['gender'] = $row['gender'];
	$r['dob'] = $row['dob'];
	$r['SelfDescription'] = $row['SelfDescription'];
	array_push($response, $r);
}

header('HTTP/1.1 200');
header("Content-Type: application/json");
echo json_encode($response);

?>
